[SOLVED]Windows 7 horribly slow connection time (browsing)

I have 2 computers which both have windows 7 32 and 64 respectively. They are very fast, including browsing.

I installed comodo firewall, rebooted, and they take near 30 seconds whenever they visit a new website (I.E. perform a DNS lookup)

Nothing has been installed, Defender, Updates, and WFirewall have been disabled. The only customization are that frivolous services have been disabled.

Right clicking and disabling the firewall brings back lightning performance, turning it on kills it.


[b]Edit(copied from last post):
It was ECN capability under “netsh int tcp show global”,

Turning on ECN capability causes comodo firewall to poo itself. Where can I file a bug report?

Note that both my home and my university uses this and it’s very useful.[/b]

go to ‘Network Security Policy’>choose iexplorer>edit>choose
Use a Predefined Policy>choose Web Browser>Apply

If it doesn’t take care of it, please post here the details about your computer.

Update Windows please for your security and stability.

Same here! Three wasted hours of installations / un-installations - no result.
Fresh new Win 7 64 Ultimate, all updates as of 01-09-2010
Win firewall and defender were off.
Tried Opera 10.0 / 10.10 and IE
“Web Browser” policy trick has been done (as well as “Trusted” and Custom)…

Do both of you guys have a Routers?

DsL Line-> DSL modem (Westel) → Switch (Dell Powerconnect 2724) → Win7 unit (comodo equipped)
Same config has been working perfectly almost a year (system was under XP64)

No it did not improve. FF 3.5.7.

Dell laptop, centrino M 2.0GHz
2GB Ram
broadcom wired
Intel Wireless

Core i7 860
P55 Gigabyte board with dual Marvell Gigabit LAN
4GB Ram

Interestingly enough I did have one computer that was not affected:
Xeon E3110
Gigabyte EP45-UD4R
2GB Ram
Marvell Gigabit LAN

Omelet: Yes I have a DIR-655 but that’s not it because the behavior did not change from when I was at my University (Triple OC18 lines). And that EP45 computer had/has no issues at either site.

Edit: Honestly I might have disabled a service that somehow comodo or DNS relies on. But I don’t see any relevant ones.

running CIS (no CAV) on a Win7/64 Ultimate system here and I have no issue at all ??? …no problem either in the past with Seven beta, RC and Enterprise trial. CIS doesn’t change anything to my browsing speed, whether on FF 3.57, Chrome, Opera, or IE.

Just mentioning that not applying the web browser policy cannot be the issue, as it’s in fact more restrictive than the other solution: allow all IP out :wink:

edit: I wrote something wrong, browsing speed was too slow in the beginning with CIS (older version) and Seven beta, but that was back a year ago almost and that was solved completely.

Can you disable “Block Fragmented IP datagrams”, its found under Firewall > Advanced > Attack detection Settings > Miscellaneous > Block Fragmented IP datagrams… See if that helps.

Can you post screenshots of the Firewall logs (Firewall → Common Tasks → View Firewall Events) and your Global Rules (Firewall → Advanced -->Network Security Policy)?

Just a quick update.
Suddenly it has started working after n-th re-installing.
Kept everything by default this time. The only guess what was different this time - I let comodo keep suggested LAN name (e.g. “Local Area Network # 1”) as opposed to all previous attempts when I’d named it manually (“LAN1”, “LAN-01”, etc).
No idea how long it’ll last this time though :slight_smile:

It’s blank, I’m not blocking ANYTHING so it’s not getting logged.

I already disabled the fragmented datagrams as one of the first things I tried.

Is there nothing in your Global Rules as either?

I don’t know, I’ve uninstalled comodo from all the machines and turned on windows firewall at (public network) config. Sorry but I can’t spend any more time right now trying to debug comodo. Maybe I’ll try later.

These are vanilla Windows 7 and vanilla comodo installs and firefox 3.5.7. There’s nothing special or different about them.

Edit: wait, I just remembered I tweak my networking stack on all installs.

RSS on
Chimney offload on
autotuning on
ecn off
dca on

Any chance it’s those (I don’t have comodo installed atm)

It was ECN capability under “netsh int tcp show global”,

Turning on ECN capability causes comodo firewall to shit itself. Where can I file a bug report?

Thank you for isolating this bug.

You can file a bug report in Firewall Bugs.

Make sure to follow the submit guidelines described in IMPORTANT: HOW TO SUBMIT BUGREPORTS (READ THIS IF YOU WANT THEM FIXED).